SYSTEM AND METHOD FOR SECURELY COMMUNICATING WITH ELECTRONIC METERS

US 20100241848A1
Filed: 02/26/2010
Published: 09/23/2010
Est. Priority Date: 02/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method for securely communicating with electronic meters, said electronic meters being communicatively connectable to an intermediary server controlled by a utility, said utility providing a service associated with said electronic meters, said method comprising:

a cryptographic backend system comprising one or more cryptographic servers receiving a first request from said intermediary server to cryptographically process a first message to be sent to an electronic meter;

said cryptographic backend system cryptographically processing said first message to generate a first protected message according to requirements associated with said first message and using one or more cryptographic keys associated with said electronic meter;

said cryptographic backend system returning said first protected message to said intermediary server for providing said protected message to said electronic meter;

said cryptographic backend system receiving a second protected message from said intermediary server, said second protected message having been generated by said electronic meter cryptographically processing a second message, and having been sent by said electronic meter to said intermediary server;

said cryptographic backend system determining one or more keys associated with said electronic meter;

said cryptographic backend system cryptographically processing said second protected message to obtain said second message; and

said cryptographic backend system returning said second message to said intermediary server to enable said intermediary server to interpret said second message.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An infrastructure for securely communicating with electronic meters is described, which enables secure communication between a utility and a meter located at a customer, over a communication link or connection such as via a network. This enables messages to be sent from the utility to the meter and vice versa in a secure manner. The network provides a communication medium for communicating via the C12.22 protocol for secure metering. A cryptographic backend is used to cryptographically process messages to be sent to the meter and to similarly cryptographically process messages sent from the meter. By providing appropriate cryptographic measures such as key management, confidentiality and authentication, the meter can only interpret and process messages from a legitimate utility and the utility can ensure that the messages it receives are from a legitimate meter and contain legitimate information.

Citations

27 Claims

1. A method for securely communicating with electronic meters, said electronic meters being communicatively connectable to an intermediary server controlled by a utility, said utility providing a service associated with said electronic meters, said method comprising:
- a cryptographic backend system comprising one or more cryptographic servers receiving a first request from said intermediary server to cryptographically process a first message to be sent to an electronic meter;
  
  said cryptographic backend system cryptographically processing said first message to generate a first protected message according to requirements associated with said first message and using one or more cryptographic keys associated with said electronic meter;
  
  said cryptographic backend system returning said first protected message to said intermediary server for providing said protected message to said electronic meter;
  
  said cryptographic backend system receiving a second protected message from said intermediary server, said second protected message having been generated by said electronic meter cryptographically processing a second message, and having been sent by said electronic meter to said intermediary server;
  
  said cryptographic backend system determining one or more keys associated with said electronic meter;
  
  said cryptographic backend system cryptographically processing said second protected message to obtain said second message; and
  
  said cryptographic backend system returning said second message to said intermediary server to enable said intermediary server to interpret said second message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein said first message has been encoded in a first request sent by said intermediary server, said method further comprising said cryptographic backend system decoding said request to obtain said first message upon receipt thereof, and encoding said first protected message in a first response prior to returning said first protected message to said intermediary server.
  - 3. The method according to claim 1, wherein said second protected message has been encoded in a second request sent by said intermediary server, said method further comprising said cryptographic backend system decoding said second request to obtain said second protected message upon receipt thereof, and encoding said second message in a second response prior to returning said second message to said intermediary server.
  - 4. The method according to claim 1, wherein said cryptographic backend system comprises a first cryptographic server for processing messages to be sent to said electronic meters, and a second cryptographic server for processing messages received by said intermediary server from said electronic meters.
  - 5. The method according to claim 4, wherein said first cryptographic server is configured to perform encryption and signing operations, and wherein said second cryptographic server is configured to perform decryption operations.
  - 6. The method according to claim 4, wherein said second cryptographic server is configured to store and manage keys associated with said electronic meters, and wherein said first and second cryptographic servers are communicably connectable to each other to enable said first cryptographic server to determine from said second cryptographic server, whether or not said first message should be encrypted before it is signed.
  - 7. The method according to claim 4, wherein said first cryptographic server comprises a daemon for handling service requests pertaining to said first message received from said intermediary server and said second protected message being sent to said intermediary server.
  - 8. The method according to claim 1, wherein said first message is signed, and wherein said second protected message is encrypted and is thereby decrypted by said cryptographic backend system.
  - 9. The method according to claim 8, wherein said first message is encrypted prior to being signed.

10. A computer readable medium comprising computer executable instructions for securely communicating with electronic meters, said electronic meters being communicatively connectable to an intermediary server controlled by a utility, said utility providing a service associated with said electronic meters, said computer readable medium comprising instructions for:
- receiving a first request from said intermediary server to cryptographically process a first message to be sent to an electronic meter;
  
  cryptographically processing said first message to generate a first protected message according to requirements associated with said first message and using one or more cryptographic keys associated with said electronic meter;
  
  returning said first protected message to said intermediary server for providing said protected message to said electronic meter;
  
  receiving a second protected message from said intermediary server, said second protected message having been generated by said electronic meter cryptographically processing a second message, and having been sent by said electronic meter to said intermediary server;
  
  determining one or more keys associated with said electronic meter;
  
  cryptographically processing said second protected message to obtain said second message; and
  
  returning said second message to said intermediary server to enable said intermediary server to interpret said second message.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer readable medium according to claim 10, wherein said first message has been encoded in a first request sent by said intermediary server, said method further comprising said cryptographic backend system decoding said request to obtain said first message upon receipt thereof, and encoding said first protected message in a first response prior to returning said first protected message to said intermediary server.
  - 12. The computer readable medium according to claim 10, wherein said second protected message has been encoded in a second request sent by said intermediary server, said method further comprising decoding said second request to obtain said second protected message upon receipt thereof, and encoding said second message in a second response prior to returning said second message to said intermediary server.
  - 13. The computer readable medium according to claim 10, wherein said instructions are executed by a first cryptographic server for processing messages to be sent to said electronic meters, and a second cryptographic server for processing messages received by said intermediary server from said electronic meters.
  - 14. The computer readable medium according to claim 13, wherein said instructions configure first cryptographic server to perform encryption and signing operations, and wherein said instructions configure said second cryptographic server to perform decryption operations.
  - 15. The computer readable medium according to claim 13, wherein said instructions configure said second cryptographic server to store and manage keys associated with said electronic meters, and wherein said instructions configure said first and second cryptographic servers to be communicably connectable to each other to enable said first cryptographic server to determine from said second cryptographic server, whether or not said first message should be encrypted before it is signed.
  - 16. The computer readable medium according to claim 13, wherein said instructions configure said first cryptographic server to operate a daemon for handling service requests pertaining to said first message received from said intermediary server and said second protected message being sent to said intermediary server.
  - 17. The computer readable medium according to claim 10, wherein said first message is signed, and wherein said second protected message is encrypted and is thereby decrypted.
  - 18. The computer readable medium according to claim 17, wherein said first message is encrypted prior to being signed.

19. A cryptographic backend system for enabling an intermediary server to securely communicate with electronic meters, said electronic meters being communicatively connectable to said intermediary server, said intermediary server being controlled by a utility, said utility providing a service associated with said electronic meters, said cryptographic backend system comprising:
- one or more cryptographic servers configured for;
  
  receiving a first request from said intermediary server to cryptographically process a first message to be sent to an electronic meter;
  
  cryptographically processing said first message to generate a first protected message according to requirements associated with said first message and using one or more cryptographic keys associated with said electronic meter;
  
  returning said first protected message to said intermediary server for providing said protected message to said electronic meter;
  
  receiving a second protected message from said intermediary server, said second protected message having been generated by said electronic meter cryptographically processing a second message, and having been sent by said electronic meter to said intermediary server;
  
  determining one or more keys associated with said electronic meter;
  
  cryptographically processing said second protected message to obtain said second message; and
  
  returning said second message to said intermediary server to enable said intermediary server to interpret said second message.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The system according to claim 19, wherein said first message has been encoded in a first request sent by said intermediary server, said one or more cryptographic servers being further configured for:
    - decoding said request to obtain said first message upon receipt thereof; and
      
      encoding said first protected message in a first response prior to returning said first protected message to said intermediary server.
  - 21. The system according to claim 19, wherein said second protected message has been encoded in a second request sent by said intermediary server, said one or more cryptographic servers being further configured for:
    - decoding said second request to obtain said second protected message upon receipt thereof; and
      
      encoding said second message in a second response prior to returning said second message to said intermediary server.
  - 22. The system according to claim 19, wherein said cryptographic backend system comprises a first cryptographic server for processing messages to be sent to said electronic meters, and a second cryptographic server for processing messages received by said intermediary server from said electronic meters.
  - 23. The system according to claim 22, wherein said first cryptographic server is configured to perform encryption and signing operations, and wherein said second cryptographic server is configured to perform decryption operations.
  - 24. The system according to claim 22, wherein said second cryptographic server is configured to store and manage keys associated with said electronic meters, and wherein said first and second cryptographic servers are communicably connectable to each other to enable said first cryptographic server to determine from said second cryptographic server, whether or not said first message should be encrypted before it is signed.
  - 25. The system according to claim 22, wherein said first cryptographic server comprises a daemon for handling service requests pertaining to said first message received from said intermediary server and said second protected message being sent to said intermediary server.
  - 26. The system according to claim 19, wherein said first message is signed, and wherein said second protected message is encrypted and is thereby decrypted by said cryptographic backend system.
  - 27. The system according to claim 26, wherein said first message is encrypted prior to being signed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Itron, Inc.
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Colburne, Jason Andrew, Laidlaw, Ian Robert, Smith, Keelan

Granted Patent

US 9,037,844 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/153
CPC Class Codes

G01D 4/004   Remote reading of utility m...

H04L 63/0442   wherein the sending and rec...

H04L 63/126   the source of the received ...

H04L 67/12   specially adapted for propr...

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

Y02B 90/20   Smart grids as enabling tec...

Y04S 20/30   Smart metering, e.g. specia...

SYSTEM AND METHOD FOR SECURELY COMMUNICATING WITH ELECTRONIC METERS

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR SECURELY COMMUNICATING WITH ELECTRONIC METERS

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links